finalize-pr

SUSPICIOUS: the stated purpose matches the visible workflow, but the skill enables bounded autonomous PR pushes and code-fixing based on external CI/review content, while delegating all sensitive actions to opaque sub-skills with unverifiable provenance from this file alone. No direct exfiltration or malicious mismatch is visible, but the hidden execution surface and autonomous write/push behavior make the overall risk medium.